search for: sack_perm

...erwise if that is not possible, fixable on the client-side while still permitting microsoft accounts? Packet dump (raw): https://www.vulnscan.org/tmp/cannotconnectsmb.pcap Packet dump (text) below: 1 0.000000 10.0.6.178 -> 10.0.0.7 TCP 66 49939→445 [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1 2 0.000049 10.0.0.7 -> 10.0.6.178 TCP 66 445→49939 [SYN, ACK] Seq=0 Ack=1 Win=29200 Len=0 MSS=1460 SACK_PERM=1 WS=128 3 0.002343 10.0.6.178 -> 10.0.0.7 TCP 60 49939→445 [ACK] Seq=1 Ack=1 Win=65536 Len=0 4 0.002514 10.0.6.178 -> 10.0.0.7 SMB 213 Negotiate Protocol Request 5 0.002528 10....

...fixable on the client-side while still permitting > microsoft accounts? > > Packet dump (raw): https://www.vulnscan.org/tmp/cannotconnectsmb.pcap > > Packet dump (text) below: > 1 0.000000 10.0.6.178 -> 10.0.0.7 TCP 66 49939→445 [SYN] Seq=0 > Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1 > 2 0.000049 10.0.0.7 -> 10.0.6.178 TCP 66 445→49939 [SYN, ACK] Seq=0 > Ack=1 Win=29200 Len=0 MSS=1460 SACK_PERM=1 WS=128 > 3 0.002343 10.0.6.178 -> 10.0.0.7 TCP 60 49939→445 [ACK] Seq=1 Ack=1 > Win=65536 Len=0 > 4 0.002514 10.0.6.178 -> 10.0.0.7 SMB 213 Negotiate Protoc...

...and lookup my users in the expected way. What follows is the conversation between (one of) the LDAP server(s) and dovecot after a issue of the command $ doveadm user -u <user>@galliera.it : 62.785686 10.0.31.235 -> 10.0.5.0 TCP 74 43053 > ldap [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSval=536265719 TSecr=0 WS=32 62.786216 10.0.5.0 -> 10.0.31.235 TCP 78 ldap > 43053 [SYN, ACK] Seq=0 Ack=1 Win=16384 Len=0 MSS=1460 WS=1 TSval=0 TSecr=0 SACK_PERM=1 62.786279 10.0.31.235 -> 10.0.5.0 TCP 66 43053 > ldap [ACK] Seq=1 Ack=1 Win=14624 Len=0 TSval=536265719 TSec...

...ed connections only allow sasl binds with sign or seal. > > Default: ldap server require strong auth = yes So, doing some tests: AD, 'ldap server require strong auth = yes' (default) 8 32.680120 10.5.1.202 -> 10.5.1.25 TCP 74 40253→389 [SYN] Seq=0 Win=5840 Len=0 MSS=1460 SACK_PERM=1 TSval=121046256 TSecr=0 WS=16 9 32.680132 10.5.1.25 -> 10.5.1.202 TCP 74 389→40253 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=361876476 TSecr=121046256 WS=128 10 32.680292 10.5.1.202 -> 10.5.1.25 TCP 66 40253→389 [ACK] Seq=1 Ack=1 Win=5840 Len=0 TSval=1...

...h sign or seal. > > > Default: ldap server require strong auth = yes Correct. > > So, doing some tests: > > AD, 'ldap server require strong auth = yes' (default) > 8 32.680120 10.5.1.202 -> 10.5.1.25 TCP 74 40253→389 [SYN] Seq=0 Win=5840 Len=0 MSS=1460 SACK_PERM=1 TSval=121046256 TSecr=0 WS=16 > 9 32.680132 10.5.1.25 -> 10.5.1.202 TCP 74 389→40253 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=361876476 TSecr=121046256 WS=128 > 10 32.680292 10.5.1.202 -> 10.5.1.25 TCP 66 40253→389 [ACK] Seq=1 Ack=1 Win=5840 Len...

Mandi! Andrew Bartlett via samba In chel di` si favelave... > > This mean that the printer try to auth in LDAP 'plain' (no SSL, no > > TLS), and so samba refuse that? > No, it means that Samba is refusing to accept a NTLM or Kerberos > authenticated connection without SIGN or SEAL negotiated, as an > attacker could take over an unprotected network connection and do

...lt: ldap server require strong auth = yes > > Correct. > >> >> So, doing some tests: >> >> AD, 'ldap server require strong auth = yes' (default) >> 8 32.680120 10.5.1.202 -> 10.5.1.25 TCP 74 40253???389 [SYN] Seq=0 Win=5840 Len=0 MSS=1460 SACK_PERM=1 TSval=121046256 TSecr=0 WS=16 >> 9 32.680132 10.5.1.25 -> 10.5.1.202 TCP 74 389???40253 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=361876476 TSecr=121046256 WS=128 >> 10 32.680292 10.5.1.202 -> 10.5.1.25 TCP 66 40253???389 [ACK] Seq=1 Ack=1 Wi...

...of X> port 34998 options 700000c socket 12 status 100 (A) at <IP of Y> port 32820 options 700000c socket 9 status 100 tshark capture on (A) of "curl 10.0.0.1" from (A) > 1 0.000000000 10.0.0.2 → 10.0.0.1 TCP 60 46736 → 80 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 SACK_PERM=1 TSval=3299780639 TSecr=0 WS=128 > 2 0.039290163 10.0.0.1 → 10.0.0.2 TCP 60 80 → 46736 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1385 SACK_PERM=1 TSval=3219761779 TSecr=3299780639 WS=64 > 3 0.039333808 10.0.0.2 → 10.0.0.1 TCP 52 46736 → 80 [ACK] Seq=1 Ack=1 Win=64256...

...tion to external source, i can set (between LDAP, NTLM, NDS, ...) 'Active Directory', and i can/must provide the domain naime. After that, DNS and kerberos seems to work, but actual auth no: 1 0.000000 10.5.1.202 -> 10.5.1.25 TCP 74 51004→88 [SYN] Seq=0 Win=5840 Len=0 MSS=1460 SACK_PERM=1 TSval=89369296 TSecr=0 WS=16 2 0.000026 10.5.1.25 -> 10.5.1.202 TCP 74 88→51004 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=2012173857 TSecr=89369296 WS=128 3 0.000163 10.5.1.202 -> 10.5.1.25 TCP 66 51004→88 [ACK] Seq=1 Ack=1 Win=5840 Len=0 TSval=8936...

...t of supported authentication mechanisms. Could not connect to 148.197.29.5: Connection refused wireshark shows just two lines using tcp.port==993 filter Unfortunately this does not mean much to me! 124 3.276582000 148.197.29.159 148.197.29.5 TCP 74 54564?993 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=71392019 TSecr=0 WS=128 125 3.276770000 148.197.29.5 148.197.29.159 TCP 60 993?54564 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0 I have tried the following to no avail tcpdump -s 0 -w dump_file ssldump -a -A -H -d -r dump_file and selinux in permissive mode firewall off Help! John

...le phone and server was too long. Then I use tcpdump to capture the data and found that the problem maybe has something to do with window scale option in SYN packet. Here is the SYN packet for websocket connection: 55488 ? 443 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=64 TSval=570815281 TSecr=0 SACK_PERM=1 But the server did not respond with ack. Then several retransmissions of SYN occured. Finally, the client sent a retransmission of SYN: 55488 ? 443 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 SACK_PERM=1 Then the server responded with ack. I also captured other data of HTTP connection and foun...

...C internal DNS by TCP protocol. Since recently, I troubled More and more connections without closing. TCPDUMPed(and wireshark) > No. Time Source Destination Protocol Length Info > 23 2020-11-10 19:21:40.775442 [GoogleWifiAP] [SambaAD-DC] TCP 74 48861 ? 53 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=194291876 TSecr=0 WS=64 > 24 2020-11-10 19:21:40.775505 [SambaAD-DC] [GoogleWifiAP] TCP 74 53 ? 48861 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=1380837521 TSecr=194291876 WS=128 > 25 2020-11-10 19:21:40.776362 [GoogleWifiAP] [SambaAD-DC] TCP 66 48861 ? 53 [ACK]...

....16 TCP 60 49215 > domain [ACK] Seq=12 Ack=2 Win=65536 Len=0 $ telnet <domain ip> 445 --> from client $ tshark host 192.168.1.253 --> at server 106.929307 192.168.1.253 -> 192.168.10.16 TCP 66 49216 > microsoft-ds [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1 106.929319 192.168.10.16 -> 192.168.1.253 TCP 66 microsoft-ds > 49216 [SYN, ACK] Seq=0 Ack=1 Win=14600 Len=0 MSS=1460 SACK_PERM=1 WS=128 106.950451 192.168.1.253 -> 192.168.10.16 TCP 60 49216 > microsoft-ds [ACK] Seq=1 Ack=1 Win=65536 Len=0 116.266820 192.168.1.253 -> 192.168.10.16...

Hi Rowland, Sorry to inform that none of thus packages solve my problem. But today, with some Tranquil.it helps, I have some news: - Upgrade from 4.11.14 -> 4.12.9 is OK - Upgrade from 4.12.9 -> 4.13.2 : problem is present with Tranquil.it AND Louis package - Fresh install + member join with 4.13.2 is OK (Centos AND Buster packages) Problem only occur when upgrading member to 4.13.2 with

Hey all, I have a public peer system (yy.yy.yy.yy) that is reachable via my home uplink (xx.xx.xx.xxx). 15:59:30.244199 IP xx.xx.xx.xxx.42958 > yy.yy.yy.yy.https: tcp 0 15:59:30.281931 IP yy.yy.yy.yy.https > xx.xx.xx.xxx.42958: tcp 0 15:59:30.281945 IP xx.xx.xx.xxx.42958 > yy.yy.yy.yy.https: tcp 0 15:59:30.305020 IP xx.xx.xx.xxx.42958 > yy.yy.yy.yy.https: tcp 105 15:59:30.344004 IP

...fferent provider). Before contacting them I want to be sure that my system is not causing this. So far i just see a "tcp retransmission" while trying to establish a https connection (captured on our router): office -> destination: TCP 66 54487?443 [SYN] Seq=0 Win=5840 Len=0 MSS=1460 SACK_PERM=1 WS=8 office -> destination: TCP 66 [TCP Retransmission] 54487?443 [SYN] Seq=0 Win=5840 Len=0 MSS=1460 SACK_PERM=1 WS=8 from my home and office, I can see via traceroute that for the destination the entry hop is the same. So, the destination is not responding with SYN,ACK when the connection...

...97.29.5: Connection refused >> >> wireshark shows just two lines using tcp.port==993 filter >> Unfortunately this does not mean much to me! >> >> 124 3.276582000 148.197.29.159 148.197.29.5 TCP 74 >> 54564?993 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 >> TSval=71392019 TSecr=0 WS=128 >> >> 125 3.276770000 148.197.29.5 148.197.29.159 TCP 60 >> 993?54564 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0 >> >> I have tried the following to no avail >> tcpdump -s 0 -w dump_file >> ssldump -a -A -H...

...ort it, after all, it isn't something new ;-) Mi confusion grow. ;-) As stated in my previous email, MFP printer works with this tshark dump: AD, 'ldap server require strong auth = no' 1 0.000000 10.5.1.202 -> 10.5.1.25 TCP 74 40258→389 [SYN] Seq=0 Win=5840 Len=0 MSS=1460 SACK_PERM=1 TSval=121084503 TSecr=0 WS=16 2 0.000019 10.5.1.25 -> 10.5.1.202 TCP 74 389→40258 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=361924284 TSecr=121084503 WS=128 3 0.000179 10.5.1.202 -> 10.5.1.25 TCP 66 40258→389 [ACK] Seq=1 Ack=1 Win=5840 Len=0 TSval=1...

Mandi! Andrew Bartlett via samba In chel di` si favelave... > > There's some way to ''tight'' that configuration , eg permit 'ldap server require strong auth = > > no' only by some hosts? > > Or some other smb.conf options that i've missed? > Nothing at this stage. Ok. > The issue is that they need to do fully signed or sealed Kerberos

...``` No. Time Source Destination Protocol Length Info Delta 4 09:23:40.660635 204.52.24.116 104.18.2.35 TCP 70 57394 ? 443 [SYN] Seq=0 Win=42340 Len=0 MSS=1460 SACK_PERM WS=4096 10.014701 Frame 4: 70 bytes on wire (560 bits), 70 bytes captured (560 bits) Ethernet II, Src: 4e:42:14:a1:2a:fb (4e:42:14:a1:2a:fb), Dst: IETF-VRRP-VRID_ff (00:00:5e:00:01:ff) 802.1Q Virtual LAN, PRI: 0, DEI: 0, ID: 120 Internet Protocol Version 4, Src: 204.52.24.116, Dst: 104.18.2.35 Tra...